Microsoft published a new set of security advisories covering multiple third-party and open-source components, led by several Chromium vulnerabilities affecting WebGL, WebRTC, ANGLE, V8, PDFium, the Digital Credentials API, and Extensions. The issues include out-of-bounds read and write, heap buffer overflow, integer overflow, and use-after-free conditions tracked as CVE-2026-4440, CVE-2026-4463, CVE-2026-4464, CVE-2026-4447, CVE-2026-4446, CVE-2026-4456, CVE-2026-4452, CVE-2026-4455, CVE-2026-4450, and CVE-2026-4458. Microsoft also listed CVE-2026-4437, a flaw in gethostbyaddr and gethostbyaddr_r that may incorrectly handle DNS responses.
The advisory set also includes two pyOpenSSL flaws: CVE-2026-27459, a DTLS cookie callback buffer overflow, and CVE-2026-27448, which could allow TLS connection bypass through an unhandled exception in set_tlsext_servername_callback. Additional entries cover several Linux kernel issues, including a potential NULL pointer dereference in RDMA/siw (CVE-2026-23242), a refcount bug and potential use-after-free in perf_mmap (CVE-2026-23248), an infinite loop in ntfs3 metadata handling (CVE-2025-71265), an io_uring memory-management flaw (CVE-2026-23259), and a divide error in rivafb (CVE-2026-23266), alongside audit subsystem updates tracked as CVE-2025-71239 and CVE-2026-23241.

8 events from the most recent confirmed update back to the earliest known activity.
Microsoft's Security Update Guide published an advisory for CVE-2026-4678, a Chromium use-after-free vulnerability in WebGPU. The entry adds another Chromium vulnerability to Microsoft's March 2026 disclosure set.
Microsoft's Security Update Guide published an advisory for CVE-2026-23281 affecting the Linux kernel wifi/libertas subsystem, described as a fix for a use-after-free in lbs_free_adapter(). The entry adds another open-source component vulnerability to Microsoft's March 2026 disclosures.
Microsoft's Security Update Guide published an advisory for CVE-2026-23296 affecting the Linux kernel SCSI core, described as a fix for a refcount leak in tagset_refcnt handling. The entry adds another open-source component vulnerability to Microsoft's March 2026 disclosures.
Microsoft's Security Update Guide published an advisory for CVE-2026-23351 affecting Linux netfilter, specifically nft_set_pipapo garbage-collection handling. The entry added another open-source component vulnerability to Microsoft's March 2026 disclosures.
Microsoft's Security Update Guide published multiple Chromium CVE entries covering WebGL, WebRTC, ANGLE, V8, PDFium, Extensions, and the Digital Credentials API. The batch included out-of-bounds read/write, heap buffer overflow, integer overflow, and use-after-free issues.
Microsoft published a Security Update Guide entry for CVE-2026-4437, describing incorrect handling of DNS responses by gethostbyaddr and gethostbyaddr_r. The advisory added another non-Chromium vulnerability to the March disclosures.
Additional Security Update Guide entries were published for Linux kernel flaws in io_uring/rw and fbdev:rivafb, describing memory handling and divide error issues. This expanded the set of disclosed open-source component vulnerabilities tracked by Microsoft.
Microsoft's Security Update Guide published multiple vulnerability entries affecting Linux kernel components and pyOpenSSL, including issues in audit, ntfs3, RDMA/siw, perf/core, and TLS/DTLS handling. These advisories document the vulnerabilities and associated fixes or affected components.